package com.hj.security.service;

import java.util.Collection;
import java.util.HashSet;
import java.util.LinkedHashMap;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.web.util.AntPathRequestMatcher;
import org.springframework.security.web.util.RequestMatcher;
import org.springframework.transaction.annotation.Transactional;

/**
 * 从数据库查询URL--授权定义Map的实现类.
 * 
 */
@Transactional(readOnly = true)
public class ResourceDetailsServiceImpl implements ResourceDetailsService {

	/**
	 * @see ResourceDetailsService#getRequestMap()
	 */
	public LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> getRequestMap() throws Exception {
		LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
		//实际应用中，多数是从数据库中读取url-role的值对
		Collection<ConfigAttribute> lstRoleCd = new HashSet<ConfigAttribute>();
		lstRoleCd.add(new DefualtConfigAttribute("A_USER"));
		lstRoleCd.add(new DefualtConfigAttribute("A_ADMIN"));
		requestMap.put(new AntPathRequestMatcher("/**"), lstRoleCd);

		return requestMap;
	}
}
